Moderate Risk

Threat level

cl.bci.sismo.mach

MACH

Analyzed on 2021-10-11T15:12:12.589394

25

permissions

33

activities

22

services

15

receivers

36

domains

File sums

MD5 0ef9ca539554c7de155b79e80ce710e8
SHA1 f384ac1f4f20c643daeb0c14def1cc7e41a03006
SHA256 cd7b39ef44e1c73b351a2a6f4e10a80f1b6464138f3c3ea3991bc336dcdfb13e
Size 22.96MB

APKiD

Information computed with APKiD.

/tmp/tmpjz0xcm2w!classes.dex
anti_vm
  • Build.FINGERPRINT check
  • Build.MODEL check
  • Build.MANUFACTURER check
  • Build.PRODUCT check
  • network operator name check
  • ro.kernel.qemu check
compiler
  • r8
/tmp/tmpjz0xcm2w!classes2.dex
anti_vm
  • Build.FINGERPRINT check
  • Build.MODEL check
  • Build.MANUFACTURER check
  • Build.PRODUCT check
  • Build.HARDWARE check
  • Build.BOARD check
  • possible Build.SERIAL check
  • Build.TAGS check
  • SIM operator check
  • network operator name check
  • device ID check
anti_debug
  • Debug.isDebuggerConnected() check
compiler
  • r8 without marker (suspicious)
/tmp/tmpjz0xcm2w!classes3.dex
anti_vm
  • Build.FINGERPRINT check
  • Build.MODEL check
  • Build.MANUFACTURER check
  • Build.PRODUCT check
  • network operator name check
  • possible ro.secure check
compiler
  • r8 without marker (suspicious)

SSdeep

Information computed with ssdeep.

APK file 393216:rHJRhIDdbTQIIwuL2dl44JD+aRsy7CXhux/DlhzZBkSaEfp42zNDmPix+xRengZT:T5IbkIIwjd1Zb97Mux/3zdaEy2zNKPiG
Manifest 768:FzLpH9K6hBVRxcKE6X1SbqUQtoTYoi8gLobJITyNDGAaJgQTdhpcKVkCMK134yld:…
classes.dex 49152:FIT0OxrkhcyFDmR/GIgw+/+VTEKiG+Tw1mzlygUyx6mHcF0JfTUBMscKJHOHj5I…
classes2.dex 98304:GRzYhbrZ94iuBhUwrwQ1Frn89eT3ea3vp390P:GReZiBhUwrwQ1Frnz3h3i
classes3.dex 49152:6Dg81poDRZ3FymtOH+BrcR4NiMw3/naXvzmn:6Dg81pEfrBrmn

Dexofuzzy

Information computed with Dexofuzzy.

APK file 12288:iOJF8Puu8/LYnO2QV8oP6bgfg2Z7N49P2V6ke4NPIa6lgC5Ea4Zh45/CXq4e98g…
classes.dex 6144:BU2cyituui2l4fFDfZGqFR299unid8uo+flo9kVS+C8iqqqqqqqfqqqqqqqqwqq/…
classes2.dex 6144:vfg2Z5pKAlol9P2V6nyd9MmtNPUP1a6ldWLfm5wtV5Fa4j:vfg2Z7N49P2V6ke4N…
classes3.dex 6144:1hXW++hrOQzbym88H01/Xq4OpyYI+VAYrqqe9Kn8:1h45/CXq4e98g8

APK details

Information computed with AndroGuard and Pithus.

Package cl.bci.sismo.mach
App name MACH
Version name 3.22.1
Version code 267
SDK 21 - 29
UAID e488aec2d9c64402421efca086932392e7464317
Signature Signature V1 Signature V2 Signature V3
Frosting Frosted
Blocks found within V2 signature:
  • 0x7109871a: Unknown
  • 0xf05368c0: Unknown
  • 0x6dff800d: Source stamp V2 X509 cert
  • 0x2146444e: Google metadata
  • 0x42726577: Verity padding

Certificate details

Information computed with AndroGuard.

MD5 227a039d4ec204344f460dbb15c3625f
SHA1 a11618d13c60f57d7368fc20e4d0b48dc64fa779
SHA256 977f9b7fc0a71d9bc9a223582902f5d98268bb17001fe2651310960324202d7c
Issuer Common Name: Sismo Mach, Organizational Unit: Mobile Development, Organization: Mach, Locality: Santiago, State/Province: Region Metropolitana, Country: CL
Not before 2017-06-14T13:15:23+00:00
Not after 2116-05-21T13:15:23+00:00

File Analysis

Information computed with MobSF.

Findings Files
Certificate/Key files hardcoded inside the app. okhttp3/internal/publicsuffix/NOTICE
stamp-cert-sha256

Manifest analysis

Information computed with MobSF.

Medium Application Data can be Backed up[android:allowBackup=true]
This flag allows anyone to backup your application data via adb. It allows users who have enabled USB debugging to copy application data off of the device.
High Activity (cl.bci.sismo.mach.machapp.utils.appbase.BlankActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (cl.bci.sismo.mach.di.test.TestBlankActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (io.branch.referral.InstallListener) is not Protected. [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (cl.bci.sismo.mach.accountmanager.AuthenticatorService) is not Protected.An intent-filter exists.
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Service is explicitly exported.
High Service (cl.bci.sismo.mach.machapp.utils.services.notifications.NotificationsListenerService) is not Protected.An intent-filter exists.
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Service is explicitly exported.
High Service (androidx.work.impl.background.systemjob.SystemJobService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: android.permission.BIND_JOB_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Broadcast Receiver (org.altbeacon.beacon.startup.StartupBroadcastReceiver) is not Protected.An intent-filter exists.
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Broadcast Receiver is explicitly exported.
High Service (com.google.android.play.core.assetpacks.AssetPackExtractionService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.google.android.gms.auth.api.signin.RevocationBoundService) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.google.firebase.auth.internal.FederatedSignInActivity) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.firebase.auth.api.gms.permission.LAUNCH_FEDERATED_SIGN_IN [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (com.google.firebase.auth.internal.GenericIdpActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Activity (com.google.firebase.auth.internal.RecaptchaActivity) is not Protected. [android:exported=true]
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.google.firebase.messaging.FirebaseMessagingService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Broadcast Receiver (com.google.firebase.iid.FirebaseInstanceIdReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.c2dm.permission.SEND [android:exported=true]
A Broadcast Receiver is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Service (com.google.firebase.iid.FirebaseInstanceIdService) is not Protected. [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device.
High Service (com.firebase.jobdispatcher.GooglePlayReceiver) is Protected by a permission, but the protection level of the permission should be checked.
Permission: com.google.android.gms.permission.BIND_NETWORK_TASK_SERVICE [android:exported=true]
A Service is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. It is protected by a permission which is not defined in the analysed application. As a result, the protection level of the permission should be checked where it is defined. If it is set to normal or dangerous, a malicious application can request and obtain the permission and interact with the component. If it is set to signature, only applications signed with the same certificate can obtain the permission.
High Activity (androidx.test.core.app.InstrumentationActivityInvoker$BootstrapActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (androidx.test.core.app.InstrumentationActivityInvoker$EmptyActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.
High Activity (androidx.test.core.app.InstrumentationActivityInvoker$EmptyFloatingActivity) is not Protected.An intent-filter exists.
An Activity is found to be shared with other apps on the device therefore leaving it accessible to any other application on the device. The presence of intent-filter indicates that the Activity is explicitly exported.

Browsable activities

Information computed with MobSF.

cl.bci.sismo.mach.machapp.splash.SplashScreenActivity

Hosts: open pay request pay-biz bill-payment mach.app.link mach.test-app.link

Schemes: machapp:// https://

com.google.firebase.auth.internal.GenericIdpActivity

Hosts: firebase.auth

Schemes: genericidp://

com.google.firebase.auth.internal.RecaptchaActivity

Hosts: firebase.auth

Schemes: recaptcha://

Main Activity

Information computed with AndroGuard.

cl.bci.sismo.mach.machapp.splash.SplashScreenActivity

Activities

Information computed with AndroGuard.

cl.bci.sismo.mach.machapp.error.ErrorActivity
cl.bci.sismo.mach.machapp.login.LoginActivity
cl.bci.sismo.mach.machapp.main.MainActivity
cl.bci.sismo.mach.machapp.utils.appbase.GenericActivity
cl.bci.sismo.mach.machapp.utils.appbase.BlankActivity
cl.bci.sismo.mach.di.test.TestBlankActivity
cl.bci.sismo.mach.machapp.authenticationprocess.authentication.AuthenticationActivity
cl.bci.sismo.mach.machapp.splash.SplashScreenActivity
cl.bci.sismo.featureTransitCardRecharge.TransportCardRechargeActivity
com.usabilla.sdk.ubform.screenshot.UbScreenshotActivity
cl.bci.sismo.helpcenter.modules.HelpActivity
zendesk.support.request.RequestActivity
zendesk.support.requestlist.RequestListActivity
zendesk.support.guide.ViewArticleActivity
zendesk.support.guide.HelpCenterActivity
com.onfido.android.sdk.capture.ui.camera.CaptureActivity
com.onfido.android.sdk.capture.ui.OnfidoActivity
zendesk.messaging.MessagingActivity
cat.ereza.customactivityoncrash.activity.DefaultErrorActivity
com.appboy.ui.AppboyWebViewActivity
com.appboy.ui.activities.AppboyFeedActivity
com.appboy.ui.activities.AppboyContentCardsActivity
com.appboy.push.AppboyNotificationRoutingActivity
com.google.android.play.core.missingsplits.PlayCoreMissingSplitsActivity
com.google.android.play.core.common.PlayCoreDialogWrapperActivity
com.google.android.gms.auth.api.signin.internal.SignInHubActivity
com.google.firebase.auth.internal.FederatedSignInActivity
com.google.firebase.auth.internal.GenericIdpActivity
com.google.firebase.auth.internal.RecaptchaActivity
com.google.android.gms.common.api.GoogleApiActivity
androidx.test.core.app.InstrumentationActivityInvoker$BootstrapActivity
androidx.test.core.app.InstrumentationActivityInvoker$EmptyActivity
androidx.test.core.app.InstrumentationActivityInvoker$EmptyFloatingActivity

Receivers

Information computed with AndroGuard.

io.branch.referral.InstallListener
zendesk.support.DeepLinkingBroadcastReceiver
androidx.work.impl.utils.ForceStopRunnable$BroadcastReceiver
androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryChargingProxy
androidx.work.impl.background.systemalarm.ConstraintProxy$BatteryNotLowProxy
androidx.work.impl.background.systemalarm.ConstraintProxy$StorageNotLowProxy
androidx.work.impl.background.systemalarm.ConstraintProxy$NetworkStateProxy
androidx.work.impl.background.systemalarm.RescheduleReceiver
androidx.work.impl.background.systemalarm.ConstraintProxyUpdateReceiver
com.appboy.AppboyFcmReceiver
org.altbeacon.beacon.startup.StartupBroadcastReceiver
com.google.firebase.iid.FirebaseInstanceIdReceiver
com.google.android.gms.measurement.AppMeasurementReceiver
com.google.android.datatransport.runtime.scheduling.jobscheduling.AlarmManagerSchedulerBroadcastReceiver
com.appboy.receivers.AppboyActionReceiver

Services

Information computed with AndroGuard.

cl.bci.sismo.mach.accountmanager.AuthenticatorService
cl.bci.sismo.mach.machapp.utils.services.notifications.NotificationsListenerService
com.usabilla.sdk.ubform.net.FeedbackResubmissionService
androidx.work.impl.background.systemalarm.SystemAlarmService
androidx.work.impl.background.systemjob.SystemJobService
com.google.firebase.components.ComponentDiscoveryService
org.altbeacon.beacon.service.BeaconService
org.altbeacon.beacon.BeaconIntentProcessor
org.altbeacon.beacon.service.ScanJob
org.altbeacon.bluetooth.BluetoothTestJob
com.google.android.play.core.assetpacks.AssetPackExtractionService
com.google.android.play.core.assetpacks.ExtractionForegroundService
com.google.android.gms.auth.api.signin.RevocationBoundService
com.google.firebase.auth.api.fallback.service.FirebaseAuthFallbackService
com.google.firebase.messaging.FirebaseMessagingService
com.google.firebase.iid.FirebaseInstanceIdService
com.firebase.jobdispatcher.GooglePlayReceiver
com.google.android.gms.measurement.AppMeasurementService
com.google.android.gms.measurement.AppMeasurementJobService
androidx.room.MultiInstanceInvalidationService
com.google.android.datatransport.runtime.backends.TransportBackendDiscovery
com.google.android.datatransport.runtime.scheduling.jobscheduling.JobInfoSchedulerService

NIAP analysis

Information computed with MobSF.

FCS_RBG_EXT.1.1 The application implement DRBG functionality for its cryptographic operations.
Random Bit Generation Services
FCS_STO_EXT.1.1 The application does not store any credentials to non-volatile memory.
Storage of Credentials
FCS_CKM_EXT.1.1 The application implement asymmetric key generation.
Cryptographic Key Generation Services
FDP_DEC_EXT.1.1 The application has access to ['network connectivity', 'camera', 'location', 'bluetooth', 'microphone'].
Access to Platform Resources
FDP_DEC_EXT.1.2 The application has access to ['address book'].
Access to Platform Resources
FDP_NET_EXT.1.1 The application has user/application initiated network communications.
Network Communications
FDP_DAR_EXT.1.1 The application implement functionality to encrypt sensitive data in non-volatile memory.
Encryption Of Sensitive Application Data
FMT_MEC_EXT.1.1 The application invoke the mechanisms recommended by the platform vendor for storing and setting configuration options.
Supported Configuration Mechanism
FTP_DIT_EXT.1.1 The application does encrypt some transmitted data with HTTPS/TLS/SSH between itself and another trusted IT product.
Protection of Data in Transit
FCS_RBG_EXT.2.1
FCS_RBG_EXT.2.2
The application perform all deterministic random bit generation (DRBG) services in accordance with NIST Special Publication 800-90A using Hash_DRBG. The deterministic RBG is seeded by an entropy source that accumulates entropy from a platform-based DRBG and a software-based noise source, with a minimum of 256 bits of entropy at least equal to the greatest security strength (according to NIST SP 800-57) of the keys and hashes that it will generate.
Random Bit Generation from Application
FCS_CKM.1.1(1) The application generate asymmetric cryptographic keys not in accordance with FCS_CKM.1.1(1) using key generation algorithm RSA schemes and cryptographic key sizes of 1024-bit or lower.
Cryptographic Asymmetric Key Generation
FCS_CKM.1.1(3)
FCS_CKM.1.2(3)
A password/passphrase shall perform [Password-based Key Derivation Functions] in accordance with a specified cryptographic algorithm..
Password Conditioning
FCS_COP.1.1(1) The application perform encryption/decryption in accordance with a specified cryptographic algorithm AES-CBC (as defined in NIST SP 800-38A) mode or AES-GCM (as defined in NIST SP 800-38D) and cryptographic key sizes 256-bit/128-bit.
Cryptographic Operation - Encryption/Decryption
FCS_COP.1.1(2) The application perform cryptographic hashing services not in accordance with FCS_COP.1.1(2) and uses the cryptographic algorithm RC2/RC4/MD4/MD5.
Cryptographic Operation - Hashing
FCS_COP.1.1(3) The application perform cryptographic signature services (generation and verification) in accordance with a specified cryptographic algorithm RSA schemes using cryptographic key sizes of 2048-bit or greater.
Cryptographic Operation - Signing
FCS_COP.1.1(4) The application perform keyed-hash message authentication with cryptographic algorithm ['HMAC-SHA-256'] .
Cryptographic Operation - Keyed-Hash Message Authentication
FCS_HTTPS_EXT.1.1 The application implement the HTTPS protocol that complies with RFC 2818.
HTTPS Protocol
FCS_HTTPS_EXT.1.2 The application implement HTTPS using TLS.
HTTPS Protocol
FCS_HTTPS_EXT.1.3 The application notify the user and not establish the connection or request application authorization to establish the connection if the peer certificate is deemed invalid.
HTTPS Protocol
FIA_X509_EXT.1.1 The application invoked platform-provided functionality to validate certificates in accordance with the following rules: ['The application validate a certificate path by ensuring the presence of the basicConstraints extension and that the CA flag is set to TRUE for all CA certificates'].
X.509 Certificate Validation
FIA_X509_EXT.1.2 The application treat a certificate as a CA certificate only if the basicConstraints extension is present and the CA flag is set to TRUE.
X.509 Certificate Validation
FIA_X509_EXT.2.1 The application use X.509v3 certificates as defined by RFC 5280 to support authentication for HTTPS , TLS.
X.509 Certificate Authentication
FIA_X509_EXT.2.2 When the application cannot establish a connection to determine the validity of a certificate, the application allow the administrator to choose whether to accept the certificate in these cases or accept the certificate ,or not accept the certificate.
X.509 Certificate Authentication
FPT_TUD_EXT.2.1 The application shall be distributed using the format of the platform-supported package manager.
Integrity for Installation and Update
FCS_CKM.1.1(2) The application shall generate symmetric cryptographic keys using a Random Bit Generator as specified in FCS_RBG_EXT.1 and specified cryptographic key sizes 128 bit or 256 bit.
Cryptographic Symmetric Key Generation

Code analysis

Information computed with MobSF.

High
CVSS:7.4
Files may contain hardcoded sensitive informations like usernames, passwords, keys etc.
MASVS: MSTG-STORAGE-14
CWE-312 Cleartext Storage of Sensitive Information
M9: Reverse Engineering
Files:
 cl/bci/sismo/core/models/p2p/e.java
com/onfido/android/sdk/capture/ui/camera/CaptureUploadService.java
com/newrelic/agent/android/SavedState.java
com/appboy/configuration/AppboyConfig.java
com/newrelic/agent/android/util/PersistentUUID.java
zendesk/support/requestlist/RequestListModel.java
com/onfido/api/client/MultipartCheckRequestCreator.java
com/appsflyer/CreateOneLinkHttpTask.java
cl/bci/sismo/core/network/c/b/bo.java
zendesk/core/ZendeskStorage.java
zendesk/core/Constants.java
org/altbeacon/beacon/service/StartRMData.java
com/onfido/android/sdk/capture/ui/LoadingFragment.java
cl/bci/sismo/view/a/a/b/a.java
zendesk/core/ZendeskIdentityStorage.java
com/newrelic/agent/android/harvest/HarvestConfiguration.java
zendesk/support/ZendeskArticleVoteStorage.java
org/altbeacon/beacon/service/MonitoringData.java
zendesk/core/LegacyIdentityMigrator.java
com/newrelic/agent/android/connectivity/CatPayload.java
com/onfido/api/client/MultipartDocumentRequestCreator.java
zendesk/support/ZendeskRequestStorage.java
com/onfido/android/sdk/capture/analytics/SegmentInteractor.java
com/newrelic/agent/android/harvest/AgentHealth.java
com/onfido/android/sdk/capture/ui/camera/CaptureActivity.java
com/onfido/android/sdk/capture/analytics/AnalyticsInteractor.java
com/pubnub/api/g/a/b.java
org/altbeacon/beacon/service/RangingData.java
zendesk/core/ZendeskCoreSettingsStorage.java
zendesk/support/requestlist/RequestListView.java
com/appsflyer/AppsFlyerProperties.java
com/onfido/android/sdk/capture/utils/ApiTokenUtil.java
com/onfido/api/client/MultiPartRequestCreator.java
com/onfido/api/client/MultipartLiveVideoRequestCreator.java
com/newrelic/agent/android/measurement/producer/HttpErrorMeasurementProducer.java
org/altbeacon/beacon/service/SettingsData.java
com/onfido/android/sdk/capture/ui/country_selection/CountrySelectionFragment.java
com/onfido/android/sdk/capture/common/permissions/PermissionsManagementFragment.java
zendesk/support/CreateRequest.java
com/apptimize/segment/ApptimizeIntegration.java
Low
CVSS:7.5
The App logs information. Sensitive information should never be logged.
MASVS: MSTG-STORAGE-3
CWE-532 Insertion of Sensitive Information into Log File
Files:
 org/altbeacon/beacon/service/ScanState.java
com/newrelic/agent/android/payload/PayloadSender.java
com/newrelic/agent/android/SavedState.java
com/firebase/jobdispatcher/e.java
cl/bci/sismo/core/db/b/a/a/a.java
siftscience/android/Uploader.java
com/onfido/android/sdk/capture/ui/camera/Exif.java
com/bumptech/glide/load/resource/bitmap/q.java
com/firebase/jobdispatcher/GooglePlayReceiver.java
com/bumptech/glide/load/b/i.java
com/newrelic/agent/android/instrumentation/retrofit/ContentBufferingTypedInput.java
com/newrelic/agent/android/agentdata/AgentDataSender.java
com/usabilla/sdk/ubform/screenshot/camera/b/a.java
com/onfido/android/sdk/capture/ui/camera/face/CameraSourcePreview.java
cat/ereza/customactivityoncrash/a.java
com/newrelic/agent/android/tracing/Trace.java
com/apptimize/bd.java
cl/bci/sismo/mach/machapp/login/newaccount/d/b.java
com/newrelic/agent/android/activity/config/ActivityTraceConfigurationDeserializer.java
com/newrelic/agent/android/util/ActivityLifecycleBackgroundListener.java
com/apptimize/Apptimize.java
cl/bci/sismo/core/network/apiclient/h.java
com/newrelic/agent/android/FeatureFlag.java
com/appboy/support/AppboyLogger.java
com/newrelic/agent/android/analytics/AnalyticsControllerImpl.java
com/newrelic/agent/android/instrumentation/HttpsURLConnectionExtension.java
com/newrelic/agent/android/harvest/HttpError.java
com/newrelic/agent/android/analytics/AnalyticsEvent.java
org/c/b/g.java
com/newrelic/agent/android/instrumentation/HttpURLConnectionExtension.java
siftscience/android/SiftImpl.java
org/altbeacon/beacon/BeaconParser.java
com/firebase/jobdispatcher/d.java
cl/bci/sismo/core/b/b.java
com/onfido/android/sdk/capture/ui/camera/liveness/LivenessOverlayPresenter$startFaceTracker$3.java
com/newrelic/agent/android/tracing/TraceMachine.java
com/onfido/android/sdk/capture/ui/camera/CapturePresenter$getImageProcessingObservable$1.java
cl/bci/sismo/mach/machapp/utils/customview/edittext/EditTextBase.java
cl/bci/sismo/core/i/c.java
cl/bci/sismo/mach/machapp/e/c/d/a.java
cl/bci/sismo/mach/machapp/e/c/b/a.java
siftscience/android/TaskManager.java
cl/bci/sismo/view/groupedrecyclerview/a/a.java
org/altbeacon/beacon/logging/WarningAndroidLogger.java
com/onfido/segment/analytics/a/f.java
org/altbeacon/beacon/logging/InfoAndroidLogger.java
com/onfido/android/sdk/capture/ui/camera/CapturePresenter$start$$inlined$with$lambda$4.java
com/bumptech/glide/load/resource/bitmap/b.java
cl/bci/sismo/mach/machapp/uaf/a/a/c.java
com/newrelic/agent/android/agentdata/AgentDataController.java
com/newrelic/agent/android/instrumentation/AsyncTaskInstrumentation.java
com/firebase/jobdispatcher/b.java
com/bumptech/glide/load/a/a.java
com/onfido/android/sdk/capture/ui/camera/CapturePresenter$applyPostCaptureValidations$3.java
cl/bci/sismo/view/custombutton/ButtonBaseView.java
cl/bci/sismo/mach/accountmanager/a.java
com/bumptech/glide/load/a/g.java
siftscience/android/Queue.java
com/bumptech/glide/d/k.java
com/newrelic/agent/android/analytics/NetworkRequestEvent.java
cl/bci/sismo/core/k/a.java
com/newrelic/agent/android/stores/SharedPrefsAnalyticAttributeStore.java
cl/bci/sismo/mach/machapp/services/d/c/c.java
cl/bci/sismo/core/network/d/a.java
com/usabilla/sdk/ubform/sdk/f/c/a.java
cl/bci/sismo/mach/machapp/authorization/execution/AuthorizationExecutionRepository.java
com/newrelic/agent/android/harvest/HarvestData.java
com/bumptech/glide/load/b/a.java
com/newrelic/agent/android/instrumentation/io/CountingInputStream.java
com/apptimize/sb.java
com/newrelic/agent/android/instrumentation/retrofit/RestAdapterBuilderExtension.java
zendesk/belvedere/z.java
com/onfido/android/sdk/capture/ui/camera/liveness/LivenessConfirmationPresenter$uploadVideo$2.java
com/onfido/android/sdk/capture/ui/camera/face/CameraSource.java
zendesk/messaging/MessagingModel.java
com/newrelic/agent/android/NewRelic.java
cl/bci/sismo/service/b/c.java
cl/bci/sismo/mach/machapp/d/a.java
com/microsoft/appcenter/utils/a.java
com/newrelic/agent/android/instrumentation/TransactionStateUtil.java
com/newrelic/agent/android/measurement/BaseMeasurement.java
com/newrelic/agent/android/sample/Sampler.java
cl/bci/sismo/helpcenter/a/a.java
com/segment/analytics/a/f.java
com/newrelic/agent/android/gestures/GestureObserver.java
zendesk/belvedere/BelvedereFileProvider.java
com/bumptech/glide/load/b/b/e.java
com/bumptech/glide/b/d.java
com/appsflyer/AFLogger.java
com/bumptech/glide/b/a.java
com/newrelic/agent/android/analytics/NetworkEventController.java
com/newrelic/agent/android/harvest/HarvestConnection.java
com/usabilla/sdk/ubform/f/e.java
com/onfido/android/sdk/capture/ui/camera/CapturePresenter$startFaceTracking$2.java
com/onfido/android/sdk/capture/ui/camera/CapturePresenter$startFaceTracking$5.java
cl/bci/sismo/mach/machapp/k/c.java
cl/bci/sismo/mach/machapp/home/g.java
com/bumptech/glide/load/c/o.java
com/newrelic/agent/android/instrumentation/httpclient/HttpResponseEntityImpl.java
com/newrelic/agent/android/agentdata/AgentDataReporter.java
com/apptimize/bu.java
org/altbeacon/beacon/utils/EddystoneTelemetryAccessor.java
com/newrelic/agent/android/crash/UncaughtExceptionHandler.java
com/newrelic/agent/android/gestures/GestureReporter.java
com/onfido/android/sdk/capture/ui/camera/liveness/LivenessConfirmationPresenter$onVideoStarted$$inlined$forEach$lambda$2.java
com/newrelic/agent/android/harvest/Harvest.java
com/onfido/android/sdk/capture/ui/camera/CapturePresenter$start$$inlined$with$lambda$11.java
zendesk/belvedere/q.java
cl/bci/sismo/mach/machapp/services/d/c/a.java
cl/bci/sismo/core/network/d/c.java
com/bumptech/glide/g.java
cl/bci/sismo/mach/machapp/main/c.java
com/bumptech/glide/load/resource/bitmap/RecyclableBufferedInputStream.java
siftscience/android/DevicePropertiesCollector.java
com/bumptech/glide/load/c/n.java
org/altbeacon/beacon/logging/VerboseAndroidLogger.java
com/bumptech/glide/g/b/k.java
siftscience/android/AppStateCollector.java
com/bumptech/glide/load/b/a/f.java
com/newrelic/agent/android/MeasurementEngine.java
cl/bci/sismo/service/h/d.java
com/newrelic/agent/android/instrumentation/TransactionState.java
com/bumptech/glide/i/a.java
com/apptimize/xt.java
com/bumptech/glide/g/a.java
cl/bci/sismo/view/textview/BaseTextView.java
com/newrelic/agent/android/analytics/EventManagerImpl.java
cl/bci/sismo/mach/ui/fourdigitsinput/DigitView.java
com/newrelic/agent/android/util/NetworkFailure.java
cl/bci/sismo/service/h/g.java
com/bumptech/glide/load/resource/c/i.java
com/onfido/android/sdk/capture/ui/camera/CapturePresenter$start$4$14.java
cl/bci/sismo/service/b/d.java
com/bumptech/glide/c/a.java
com/bumptech/glide/load/a/f.java
com/bumptech/glide/load/resource/bitmap/m.java
com/newrelic/agent/android/tracing/ActivityTrace.java
com/newrelic/agent/android/measurement/MeasurementPool.java
net/danlew/android/joda/b.java
com/bumptech/glide/load/c/f.java
com/newrelic/agent/android/AndroidAgentImpl.java
com/apptimize/ge.java
com/onfido/android/sdk/capture/ui/camera/CapturePresenter$onRecordingStarted$4.java
cl/bci/sismo/core/b/a.java
com/onfido/android/sdk/capture/ui/camera/CapturePresenter$start$3.java
com/newrelic/agent/android/util/PersistentUUID.java
com/onfido/android/sdk/capture/utils/JSONResourceReader.java
com/newrelic/agent/android/harvest/Harvester.java
cl/bci/sismo/mach/machapp/uaf/a/d.java
com/newrelic/agent/android/util/ExceptionHelper.java
com/onfido/api/client/OnfidoFetcher.java
cl/bci/sismo/mach/machapp/utils/c/a.java
io/branch/referral/s.java
cl/bci/sismo/mach/machapp/utils/customview/buttons/ButtonBase.java
net/danlew/android/joda/d.java
cl/bci/sismo/mach/machapp/splash/SplashScreenActivity.java
com/zendesk/logger/Logger.java
com/airbnb/lottie/f/c.java
com/newrelic/agent/android/crash/CrashReporter.java
com/newrelic/agent/android/harvest/HarvestTimer.java
com/apptimize/wg.java
com/bumptech/glide/load/b/b/i.java
cl/bci/sismo/mach/machapp/main/MainActivity.java
com/firebase/jobdispatcher/r.java
com/newrelic/agent/android/AgentConfiguration.java
cl/bci/sismo/core/g/e.java
com/onfido/android/sdk/capture/ui/camera/liveness/LivenessOverlayPresenter$startFaceTracker$11.java
com/firebase/jobdispatcher/o.java
cl/bci/sismo/util/j.java
com/onfido/android/sdk/capture/ui/camera/liveness/LivenessOverlayPresenter$startFaceTracker$8.java
com/onfido/android/sdk/capture/ui/camera/face/CameraSourceFactory.java
com/bumptech/glide/load/resource/bitmap/l.java
com/firebase/jobdispatcher/i.java
com/newrelic/agent/android/payload/PayloadController.java
com/apptimize/ax.java
cl/bci/sismo/core/g/b.java
com/airbnb/lottie/LottieAnimationView.java
com/newrelic/agent/android/crash/CrashSender.java
com/newrelic/agent/android/logging/AndroidAgentLog.java
com/bumptech/glide/load/resource/c/j.java
com/onfido/android/sdk/capture/ui/camera/CapturePresenter$start$$inlined$with$lambda$8.java
cl/bci/sismo/mach/machapp/utils/appbase/b.java
com/bumptech/glide/load/b/c/a.java
cl/bci/sismo/mach/machapp/e/c/c/a.java
com/bumptech/glide/load/resource/bitmap/f.java
cl/bci/sismo/mach/machapp/contacts/d.java
com/bumptech/glide/load/b/c.java
Medium
CVSS:4.3
IP Address disclosure
MASVS: MSTG-CODE-2
CWE-200 Information Exposure
Files:
 cl/bci/sismo/core/f/ab.java
High
CVSS:5.9
App uses SQLite Database and execute raw SQL query. Untrusted user input in raw SQL queries can cause SQL Injection. Also sensitive information should be encrypted and written to the database.
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
M7: Client Code Quality
Files:
 com/usabilla/sdk/ubform/b/a/a/e.java
com/usabilla/sdk/ubform/b/b.java
com/usabilla/sdk/ubform/b/a/b/d.java
cl/bci/sismo/core/db/c/a.java
com/apptimize/nb.java
com/usabilla/sdk/ubform/b/a/c/e.java
com/newrelic/agent/android/instrumentation/SQLiteInstrumentation.java
cl/bci/sismo/core/db/AppDatabase_Impl.java
cl/bci/sismo/core/db/c/b.java
cl/bci/sismo/core/db/c/c.java
com/usabilla/sdk/ubform/b/a/a/c.java
com/usabilla/sdk/ubform/b/a/c/c.java
High
CVSS:7.5
The App uses an insecure Random Number Generator.
MASVS: MSTG-CRYPTO-6
CWE-330 Use of Insufficiently Random Values
M5: Insufficient Cryptography
Files:
 com/usabilla/sdk/ubform/d/d.java
kotlin/a/u.java
com/onfido/android/sdk/capture/ui/camera/liveness/LivenessChallenge.java
cl/bci/sismo/mach/machapp/transactionexecution/b.java
okio/Options.java
com/apptimize/qt.java
com/microsoft/appcenter/utils/c.java
com/usabilla/sdk/ubform/d/a/b.java
com/appsflyer/internal/d.java
kotlin/a/p.java
com/appboy/support/IntentUtils.java
kotlin/h/b.java
com/newrelic/agent/android/util/Util.java
cl/bci/sismo/core/j/c/b/c.java
bo/app/p3.java
kotlin/h/a.java
High
CVSS:5.9
SHA-1 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files:
 cl/bci/sismo/core/b/a.java
com/newrelic/agent/android/harvest/HttpError.java
com/appsflyer/internal/aj.java
Info
CVSS:0
This App uses SSL certificate pinning to detect or prevent MITM attacks in secure communication channel.
MASVS: MSTG-NETWORK-4
Files:
 cl/bci/sismo/core/network/helpers/e.java
com/onfido/api/client/OnfidoFetcher.java
Low
CVSS:0
This App copies data to clipboard. Sensitive data should not be copied to clipboard as other applications can access it.
MASVS: MSTG-STORAGE-10
Files:
 com/apptimize/an.java
cl/bci/sismo/mach/machapp/more/d/a.java
cl/bci/sismo/mach/ui/trackinglist/item/b.java
cl/bci/sismo/mach/machapp/cards/physical/activation/tracking/b/a/a.java
cl/bci/sismo/mach/machapp/cashinout/cashin/transaction/b.java
cat/ereza/customactivityoncrash/activity/DefaultErrorActivity.java
High
CVSS:5.5
App can read/write to External Storage. Any App can read data written to External Storage.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files:
 cl/bci/sismo/service/f/a.java
com/apptimize/ov.java
com/usabilla/sdk/ubform/f/b/f.java
com/newrelic/agent/android/AndroidAgentImpl.java
High
CVSS:7.4
MD5 is a weak hash known to have hash collisions.
MASVS: MSTG-CRYPTO-4
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
M5: Insufficient Cryptography
Files:
 com/appboy/support/StringUtils.java
com/appsflyer/internal/aj.java
High
CVSS:0
This App may request root (Super User) privileges.
MASVS: MSTG-RESILIENCE-1
CWE-250 Execution with Unnecessary Privileges
Files:
 siftscience/android/DevicePropertiesCollector.java
Info
CVSS:0
This App may have root detection capabilities.
MASVS: MSTG-RESILIENCE-1
Files:
 siftscience/android/DevicePropertiesCollector.java
High
CVSS:5.5
App creates temp file. Sensitive information should never be written into a temp file.
MASVS: MSTG-STORAGE-2
CWE-276 Incorrect Default Permissions
M2: Insecure Data Storage
Files:
 cl/bci/sismo/service/f/a.java
com/apptimize/q_.java
High
CVSS:5.4
Remote WebView debugging is enabled.
MASVS: MSTG-RESILIENCE-2
CWE-919 - Weaknesses in Mobile Applications
M1: Improper Platform Usage
Files:
 zendesk/support/guide/ViewArticleActivity.java
Pygal Austria: 300 Switzerland: 100 Chile: 200 Germany: 600 Ireland: 400 United States: 1800

Map computed by Pithus.

Domains analysis

Information computed with MobSF.

US tools.android.com 216.58.212.147
mobile-service.segment.com
US data.altbeacon.org 34.205.35.34
IE api.usabilla.com 34.246.229.45
api.s.onfido.com
US api2.branch.io 65.9.66.42
US ayuda.somosmach.com 104.16.51.111
AT api.branch.io 13.32.29.103
US sismo-147112.firebaseio.com 35.201.97.85
US appboy-images.com 151.101.129.130
CH www.slf4j.org 83.173.251.158
US sdk.iad-01.braze.com 151.101.13.208
IE www.somosmach.com 52.212.43.230
US api.segment.io 34.210.41.193
CL www.uaf.cl 200.75.25.51
US www.zendesk.com 104.18.3.228
US cdn.branch.io 65.9.66.73
DE staging.bci-mach-recargas.com 13.35.253.20
AT api.soymach.com 13.32.29.99
US www.bci.cl 104.18.18.163
US www.braze.com 151.101.65.208
IE w.usabilla.com 52.16.234.243
US api.onfido.com 65.9.66.127
US fonts.googleapis.com 216.58.212.170
US issuetracker.google.com 142.250.186.174
DE recargas.somosmach.com 13.35.253.85
DE sdk.out.usbla.net 143.204.209.114
AT www.usabilla.com 13.32.29.100
DE bnc.lt 143.204.209.48
US sondheim.appboy.com 151.101.12.233
CL mach.bci.cl 199.186.28.218
US machhelp.zendesk.com 104.16.53.111
DE realm.io 143.204.98.126
IE analytics-sdk.onfido.com 52.208.238.14
US api3.siftscience.com 35.244.208.123
DE cdn-settings.segment.com 99.86.0.85

URL analysis

Information computed with MobSF.

https://realm.io/news/android-installation-change/
Defined in io/realm/aa.java
https://issuetracker.google.com/issues/36918154
Defined in io/realm/x.java
https://cdn.branch.io/sdk/uriskiplist_v#.json
Defined in io/branch/referral/al.java
https://bnc.lt/a/
Defined in io/branch/referral/v.java
https://api2.branch.io/
https://api.branch.io/
Defined in io/branch/referral/s.java
https://api2.branch.io/
https://api.branch.io/
Defined in io/branch/referral/s.java
http://tools.android.com/tech-docs/new-build-system/user-guide/manifest-merger
Defined in zendesk/belvedere/z.java
https://www.zendesk.com/embeddables
Defined in zendesk/support/SupportSdkSettings.java
https://sdk.out.usbla.net
https://w.usabilla.com/incoming
https://api.usabilla.com/v2/sdk
Defined in com/usabilla/sdk/ubform/net/c.java
https://sdk.out.usbla.net
https://w.usabilla.com/incoming
https://api.usabilla.com/v2/sdk
Defined in com/usabilla/sdk/ubform/net/c.java
https://sdk.out.usbla.net
https://w.usabilla.com/incoming
https://api.usabilla.com/v2/sdk
Defined in com/usabilla/sdk/ubform/net/c.java
http://www.usabilla.com
Defined in com/usabilla/sdk/ubform/sdk/f/d/b.java
http://support.newrelic.com.
Defined in com/newrelic/agent/android/NewRelic.java
https://mobile-service.segment.com/v1/attribution
https://cdn-settings.segment.com/v1/projects/
https://api.segment.io/v1/import
Defined in com/onfido/segment/analytics/e.java
https://mobile-service.segment.com/v1/attribution
https://cdn-settings.segment.com/v1/projects/
https://api.segment.io/v1/import
Defined in com/onfido/segment/analytics/e.java
https://mobile-service.segment.com/v1/attribution
https://cdn-settings.segment.com/v1/projects/
https://api.segment.io/v1/import
Defined in com/onfido/segment/analytics/e.java
https://api.onfido.com/v2/
https://api.%s.onfido.com/v2/
Defined in com/onfido/api/client/OnfidoAPIFactory.java
https://api.onfido.com/v2/
https://api.%s.onfido.com/v2/
Defined in com/onfido/api/client/OnfidoAPIFactory.java
https://api.onfido.com/v2/
https://api.%s.onfido.com/v2/
Defined in com/onfido/api/client/Url.java
https://api.onfido.com/v2/
https://api.%s.onfido.com/v2/
Defined in com/onfido/api/client/Url.java
https://analytics-sdk.onfido.com
Defined in com/onfido/android/sdk/capture/BuildConfig.java
https://www.braze.com/docs/developer_guide/platform_integration_guides/android/initial_sdk_setup/android_sdk_integration/
Defined in com/appboy/Appboy.java
https://sondheim.appboy.com/api/v3/
https://sdk.iad-01.braze.com/api/v3/
Defined in com/appboy/configuration/AppboyConfigurationProvider.java
https://sondheim.appboy.com/api/v3/
https://sdk.iad-01.braze.com/api/v3/
Defined in com/appboy/configuration/AppboyConfigurationProvider.java
https://cdn-settings.segment.com/v1/projects/
https://api.segment.io/v1/import
https://mobile-service.segment.com/v1/attribution
Defined in com/segment/analytics/f.java
https://cdn-settings.segment.com/v1/projects/
https://api.segment.io/v1/import
https://mobile-service.segment.com/v1/attribution
Defined in com/segment/analytics/f.java
https://cdn-settings.segment.com/v1/projects/
https://api.segment.io/v1/import
https://mobile-service.segment.com/v1/attribution
Defined in com/segment/analytics/f.java
https://ayuda.somosmach.com/hc/es/articles/360037468831
Defined in cl/bci/sismo/mach/machapp/cards/home/b.java
https://ayuda.somosmach.com/hc/es/requests/new?ticket_form_id=360000074112&article_id=360004739512
Defined in cl/bci/sismo/mach/machapp/cards/physical/activation/tracking/problems/b/a.java
https://ayuda.somosmach.com/hc/es/requests/new?ticket_form_id=360000074112&article_id=360004739512
Defined in cl/bci/sismo/mach/machapp/cards/physical/activation/tracking/problems/a/a.java
https://ayuda.somosmach.com/hc/es/requests/new?ticket_form_id=360000043951
Defined in cl/bci/sismo/mach/machapp/e/a/c.java
https://recargas.somosmach.com
https://staging.bci-mach-recargas.com
Defined in cl/bci/sismo/mach/machapp/more/c/a.java
https://recargas.somosmach.com
https://staging.bci-mach-recargas.com
Defined in cl/bci/sismo/mach/machapp/more/c/a.java
https://www.uaf.cl/legislacion/descargar.aspx?arid=1272
Defined in cl/bci/sismo/mach/machapp/utils/customview/a/j.java
https://ayuda.somosmach.com/hc/es/requests/new?ticket_form_id=360000074112&article_id=360003814031
Defined in cl/bci/sismo/mach/machapp/utils/appbase/GenericActivity.java
https://www.somosmach.com
Defined in cl/bci/sismo/mach/machapp/utils/b/e.java
https://api.soymach.com/mobile/
Defined in cl/bci/sismo/core/network/f.java
https://api.soymach.com/mobile/
Defined in cl/bci/sismo/core/network/auth/b.java
https://api.soymach.com/mobile/
https://mach.bci.cl/mobile/
Defined in cl/bci/sismo/core/network/helpers/d.java
https://api.soymach.com/mobile/
https://mach.bci.cl/mobile/
Defined in cl/bci/sismo/core/network/helpers/d.java
https://ayuda.somosmach.com/hc/es/requests/new
https://machhelp.zendesk.com
Defined in cl/bci/sismo/service/h/f.java
https://ayuda.somosmach.com/hc/es/requests/new
https://machhelp.zendesk.com
Defined in cl/bci/sismo/service/h/f.java
https://fonts.googleapis.com/css?family=Nunito
Defined in cl/bci/sismo/helpcenter/modules/d/a.java
http://data.altbeacon.org/android-distance.json
Defined in org/altbeacon/beacon/BeaconManager.java
http://www.slf4j.org/codes.html#StaticLoggerBinder
http://www.slf4j.org/codes.html#substituteLogger
http://www.slf4j.org/codes.html#replay
http://www.slf4j.org/codes.html#version_mismatch
http://www.slf4j.org/codes.html#multiple_bindings
http://www.slf4j.org/codes.html#loggerNameMismatch
http://www.slf4j.org/codes.html#unsuccessfulInit
Defined in org/c/c.java
http://www.slf4j.org/codes.html#StaticLoggerBinder
http://www.slf4j.org/codes.html#substituteLogger
http://www.slf4j.org/codes.html#replay
http://www.slf4j.org/codes.html#version_mismatch
http://www.slf4j.org/codes.html#multiple_bindings
http://www.slf4j.org/codes.html#loggerNameMismatch
http://www.slf4j.org/codes.html#unsuccessfulInit
Defined in org/c/c.java
http://www.slf4j.org/codes.html#StaticLoggerBinder
http://www.slf4j.org/codes.html#substituteLogger
http://www.slf4j.org/codes.html#replay
http://www.slf4j.org/codes.html#version_mismatch
http://www.slf4j.org/codes.html#multiple_bindings
http://www.slf4j.org/codes.html#loggerNameMismatch
http://www.slf4j.org/codes.html#unsuccessfulInit
Defined in org/c/c.java
http://www.slf4j.org/codes.html#StaticLoggerBinder
http://www.slf4j.org/codes.html#substituteLogger
http://www.slf4j.org/codes.html#replay
http://www.slf4j.org/codes.html#version_mismatch
http://www.slf4j.org/codes.html#multiple_bindings
http://www.slf4j.org/codes.html#loggerNameMismatch
http://www.slf4j.org/codes.html#unsuccessfulInit
Defined in org/c/c.java
http://www.slf4j.org/codes.html#StaticLoggerBinder
http://www.slf4j.org/codes.html#substituteLogger
http://www.slf4j.org/codes.html#replay
http://www.slf4j.org/codes.html#version_mismatch
http://www.slf4j.org/codes.html#multiple_bindings
http://www.slf4j.org/codes.html#loggerNameMismatch
http://www.slf4j.org/codes.html#unsuccessfulInit
Defined in org/c/c.java
http://www.slf4j.org/codes.html#StaticLoggerBinder
http://www.slf4j.org/codes.html#substituteLogger
http://www.slf4j.org/codes.html#replay
http://www.slf4j.org/codes.html#version_mismatch
http://www.slf4j.org/codes.html#multiple_bindings
http://www.slf4j.org/codes.html#loggerNameMismatch
http://www.slf4j.org/codes.html#unsuccessfulInit
Defined in org/c/c.java
http://www.slf4j.org/codes.html#StaticLoggerBinder
http://www.slf4j.org/codes.html#substituteLogger
http://www.slf4j.org/codes.html#replay
http://www.slf4j.org/codes.html#version_mismatch
http://www.slf4j.org/codes.html#multiple_bindings
http://www.slf4j.org/codes.html#loggerNameMismatch
http://www.slf4j.org/codes.html#unsuccessfulInit
Defined in org/c/c.java
https://api3.siftscience.com/v3/accounts/%s/mobile_events
Defined in siftscience/android/Sift.java
https://sismo-147112.firebaseio.com
https://appboy-images.com/appboy/communication/assets/image_assets/images/5d8ccdecd518e12d5a656641/original.png
https://www.bci.cl/corporacion/politicas-de-privacidad
Defined in Android String Resource
https://sismo-147112.firebaseio.com
https://appboy-images.com/appboy/communication/assets/image_assets/images/5d8ccdecd518e12d5a656641/original.png
https://www.bci.cl/corporacion/politicas-de-privacidad
Defined in Android String Resource
https://sismo-147112.firebaseio.com
https://appboy-images.com/appboy/communication/assets/image_assets/images/5d8ccdecd518e12d5a656641/original.png
https://www.bci.cl/corporacion/politicas-de-privacidad
Defined in Android String Resource

Permissions analysis

Information computed with MobSF.

High android.permission.AUTHENTICATE_ACCOUNTS act as an account authenticator
Allows an application to use the account authenticator capabilities of the Account Manager, including creating accounts as well as obtaining and setting their passwords.
High android.permission.GET_ACCOUNTS list accounts
Allows access to the list of accounts in the Accounts Service.
High android.permission.MANAGE_ACCOUNTS manage the accounts list
Allows an application to perform operations like adding and removing accounts and deleting their password.
High android.permission.USE_CREDENTIALS use the authentication credentials of an account
Allows an application to request authentication tokens.
High android.permission.READ_PROFILE read the user's personal profile data
Allows an application to read the user's personal profile data.
High android.permission.READ_CONTACTS read contact data
Allows an application to read all of the contact (address) data stored on your phone. Malicious applications can use this to send your data to other people.
High android.permission.CAMERA take pictures and videos
Allows application to take pictures and videos with the camera. This allows the application to collect images that the camera is seeing at any time.
High android.permission.WRITE_EXTERNAL_STORAGE read/modify/delete external storage contents
Allows an application to write to external storage.
High android.permission.READ_EXTERNAL_STORAGE read external storage contents
Allows an application to read from external storage.
High android.permission.ACCESS_COARSE_LOCATION coarse (network-based) location
Access coarse location sources, such as the mobile network database, to determine an approximate phone location, where available. Malicious applications can use this to determine approximately where you are.
High android.permission.GET_TASKS retrieve running applications
Allows application to retrieve information about currently and recently running tasks. May allow malicious applications to discover private information about other applications.
High android.permission.RECORD_AUDIO record audio
Allows application to access the audio record path.
High android.permission.READ_PHONE_STATE read phone state and identity
Allows the application to access the phone features of the device. An application with this permission can determine the phone number and serial number of this phone, whether a call is active, the number that call is connected to and so on.
Low android.permission.VIBRATE control vibrator
Allows the application to control the vibrator.
Low android.permission.BLUETOOTH create Bluetooth connections
Allows applications to connect to paired bluetooth devices.
Low android.permission.BLUETOOTH_ADMIN bluetooth administration
Allows applications to discover and pair bluetooth devices.
Low android.permission.USE_FINGERPRINT allow use of fingerprint
This constant was deprecated in API level 28. Applications should request USE_BIOMETRIC instead
Low android.permission.INTERNET full Internet access
Allows an application to create network sockets.
Low android.permission.ACCESS_NETWORK_STATE view network status
Allows an application to view the status of all networks.
Low android.permission.WAKE_LOCK prevent phone from sleeping
Allows an application to prevent the phone from going to sleep.
Low android.permission.RECEIVE_BOOT_COMPLETED automatically start at boot
Allows an application to start itself as soon as the system has finished booting. This can make it take longer to start the phone and allow the application to slow down the overall phone by always running.
Low android.permission.FOREGROUND_SERVICE Allows a regular application to use Service.startForeground
Low android.permission.REORDER_TASKS reorder applications running
Allows an application to move tasks to the foreground and background. Malicious applications can force themselves to the front without your control.
Medium com.google.android.c2dm.permission.RECEIVE C2DM permissions
Permission for cloud to device messaging.
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE Unknown permission
Unknown permission from android reference

Tracking analysis

Information computed with Exodus-core.

AltBeacon https://reports.exodus-privacy.eu.org/fr/trackers/219
AppsFlyer https://reports.exodus-privacy.eu.org/fr/trackers/12
Apptimize https://reports.exodus-privacy.eu.org/fr/trackers/135
Branch https://reports.exodus-privacy.eu.org/fr/trackers/167
Braze (formerly Appboy) https://reports.exodus-privacy.eu.org/fr/trackers/17
Google CrashLytics https://reports.exodus-privacy.eu.org/fr/trackers/27
Google Firebase Analytics https://reports.exodus-privacy.eu.org/fr/trackers/49
Microsoft Visual Studio App Center Analytics https://reports.exodus-privacy.eu.org/fr/trackers/243
Microsoft Visual Studio App Center Crashes https://reports.exodus-privacy.eu.org/fr/trackers/238
New Relic https://reports.exodus-privacy.eu.org/fr/trackers/130
Segment https://reports.exodus-privacy.eu.org/fr/trackers/62

Threat analysis

Information computed with Quark-Engine.

Confidence:
100%
Start another application from current application
Confidence:
100%
Load external class
Confidence:
100%
Implicit intent(view a web page, make a phone call, etc.)
Confidence:
100%
Find a method from given class name, usually for reflection
Confidence:
100%
Connect to a URL and receive input stream from the server
Confidence:
100%
Put the compressed bitmap data into JSON object
Confidence:
100%
Modify voice volume
Confidence:
100%
Method reflection
Confidence:
100%
Get the network operator name
Confidence:
100%
Connect to a URL and read data from it
Confidence:
100%
Monitor data identified by a given content URI changes(SMS, MMS, etc.)
Confidence:
100%
Load class from given class name
Confidence:
100%
Retrieve data from broadcast
Confidence:
100%
Use absolute path of directory for the output media file path
Confidence:
100%
Read sensitive data(SMS, CALLLOG, etc)
Confidence:
100%
Open a file from given absolute path of the file
Confidence:
100%
Implicit intent(view a web page, make a phone call, etc.) via setData
Confidence:
100%
Connect to a URL and get the response code
Confidence:
100%
Monitor the broadcast action events (BOOT_COMPLETED)
Confidence:
100%
Get absolute path of the file and store in string
Confidence:
100%
Read file from assets directory
Confidence:
100%
Get last known location of the device
Confidence:
100%
Get calendar information
Confidence:
100%
Get lo